Test Pull Request #1

Open
shaharsa wants to merge 2 commits into main from test

shaharsa commented Jun 3, 2026

No description provided.

Comment thread testttt.txt
@@ -0,0 +1,12 @@
apikey dropbox = Ada46abfdcaAAAAAAA--3c0c3965368a6b10f7640dbda46abfd23a4d1c245ea1
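
Review bot: the `apikey dropbox =` line commits a full key value as plain text in a new file, and nothing in the hunk marks it as test data. If it is a fixture for the scanner, replace it with an obviously fake placeholder; if it was ever valid, revoke it in Dropbox rather than only deleting the line, because the value remains in the branch history after a later commit removes it.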

LOW  [Secret] Dropbox Key token detected in code
    Rule ID: APPSEC_SECRET_264

Description

The Dropbox Key Token is an Access Token for making API calls to access or manage files.

Exposure allows an attacker to gain unauthorized access to the linked account, potentially leading to file theft, modification, or deletion of sensitive documents.

Comment thread testttt.txt
@@ -0,0 +1,12 @@
apikey dropbox = Ada46abfdcaAAAAAAA--3c0c3965368a6b10f7640dbda46abfd23a4d1c245ea1

text: figd_bD5AlaMmufIHBKTRDZQAiOZme_vCLrrtsvBNlBkz
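
Review bot: the `text:` line holds a token with the `figd_` prefix, the Figma personal access token format, so the credential is tied to one user's account rather than to a service identity. Remove it from the file, have its owner revoke it in their Figma account settings, and if automation needs Figma access, read the token from an environment variable or secret store instead of a tracked text file.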

MEDIUM  [Secret] Figma Personal Access Token detected in code
    Rule ID: APPSEC_SECRET_265

Description

The Figma Personal Access Token grants programmatic access to a user's account and design projects.

Exposure allows an attacker to view, edit, or delete confidential design files and assets, causing disruption and intellectual property theft.

Comment thread testttt.txt

text: figd_bD5AlaMmufIHBKTRDZQAiOZme_vCLrrtsvBNlBkz

{"x-functions-key": "KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw=="}

HIGH  [Secret] Azure Functions App Key Header detected in code
    Rule ID: APPSEC_SECRET_266

Description

The Azure Functions App Key (Header) secures access to a specific Function endpoint when passed via the HTTP Authorization Header.

Exposure allows unauthorized requests to be processed, leading to misuse of the function's logic, unauthorized access to linked data or resources, and potential escalation of privileges.

Comment thread testttt.txt

{"x-functions-key": "KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw=="}

https://company.azurewebsites.net/api/function?code=KMZ7npyPBt5Nvjsa8NeEzf3Vkwt159zKnD/L0nERRRwIgYxqg6p3cw==
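
Review bot: the `code=` value in the URL is the same string as the `x-functions-key` value on the line above, so a single key is exposed twice and one renewal in the Function App covers both findings. The URL form also names the host, `company.azurewebsites.net`, next to the key and leaves the `/` and `==` characters in the query string unencoded. Keep only a placeholder here, and have callers send the key in the `x-functions-key` header, read from a secret store, rather than in the URL.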

HIGH  [Secret] Azure Functions App Key Query Parameter detected in code
    Rule ID: APPSEC_SECRET_267

Description

The Azure Functions App Key (Query Parameter) secures access to a specific Function endpoint when passed in the request URL.

Exposure allows unauthorized requests to be processed, carrying the highest risk of accidental logging (browser history, server logs) leading to misuse of the function's logic and data access.

Comment thread testttt.txt

JENKINS_URL=http://localhost:8080/
JENKINS_USER=prod_admin
JENKINS_TOKEN=118c8ee3a5d6df59dc31b19c8e85878a26
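
Review bot: the three `JENKINS_*` lines commit a complete credential set, the user name `prod_admin` together with its token, and `JENKINS_URL` uses plain `http://`. Drop `JENKINS_TOKEN` from the file and inject it from a secret store at run time, revoke the committed token in Jenkins, and use a least-privilege account for API automation instead of an admin-named one. The `http://localhost:8080/` URL is acceptable for loopback use only; any non-local controller URL should be `https://`.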

LOW  [Secret] Jenkins API Token detected in code
    Rule ID: APPSEC_SECRET_268

Description

The Jenkins API Token is generated for programmatic API access to the CI/CD controller.

An exposed token can be exploited to achieve Remote Code Execution (RCE) on the controller, extract encrypted secrets, or trigger unauthorized build and deployment processes.

shaharsa changed the title from "Create testttt.txt" to "Test Pull Request" on Jun 23, 2026